The access lists are wrong.
The not working monit has use address set to 74.86.139.71 so it is bound to this IP only.I guess you're trying to access the website from a computer that's in the 172 network, right?

OK, then please tell me more about your network.
The working monit server seems to have the address 172.xx.xx.25 in your network. Therefore, it has been configured to use this address as the default monit webserver address:

use address 172.xx.xx.25

Furthermore, clients from within this network (172.xx.xx.0/255.255.255.0) are allowed to access this monit server, thus the following line in the configuration appears:

allow 172.xx.xx.99/255.255.255.0

It works, and that's absolutely fine.

_BUT_ (and that's the question) the second server does not seem to have an IP address in the same network (172.xx.xx.0), but it has an IP address in another network (xx.xx.137.71).
You told this monit server to listen on requests on this address, thus the following entry in the monitrc:

use address xx.xx.139.71

And then you allowed connections to this address only when they come from 172.xx.xx.0, see this line in monitrc:

allow 172.xx.xx.25/255.255.255.0

The problem with this is, that 172.xx.xx.25 and xx.xx.139.71 are not in the same network and therefore this won't work, because connections from the 172.xx.xx.0/24 network need to be routed to this monit server. Is this the case?

Are the two monit servers in the same network? I think the problem is that I don't understand how your network is configured (a simple paint like scheme would help me to understand your topology).

I did not suggest to change it from 172.xx.xx.25/255.255.255.0 to 172.xx.xx.99/255.255.255.0 because that doesn't make sense. In a network declartion of this kind (255.255.255.0) the last number (.25 resp. 99) doesn't get honoured at all, so it's esxactly the same if you write 172.xx.xx.0/255.255.255.0 or 172.xx.xx.199/255.255.255.0.

I/You do need to know if the 172.xx.xx.0 network gets routed (address stays the same) or translated (NAT, address changes) when trying to access the xx.xx.139.71 host.

Try to change the

allow 172.xx.xx.something

line for the not working monit system to

allow 0.0.0.0/0.0.0.0

that way, _ALL_ hosts are allowed to access this system.
This is definetly not what you want, but it should at least work for testing purposes.

Hmm... Just to be sure: Can you ping the not working monit server from your client machine and after applying the modifications to the monitrc, have you restarted the monit service for the changes to take effect?

Is it possible to try to connect to this server from within the same subnet (74.86.x.x)?

Featured Post

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

If I have to fix slow responding website my first thoughts are server side optimizations: the database may not be optimized or caching is not enabled, or things like that. We often overlook another major part of our web application: the client. We o…

Thoughout my experience working on eCommerce web applications I have seen applications succumbing to increased user demand and throughput. With increased loads the response times started to spike, which leads to user frustration and lost sales. I ha…

Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.